Hackers are increasingly leveraging PDF attachments in email-based phishing campaigns to impersonate trusted brands like Microsoft and DocuSign.

Hackers are increasingly leveraging PDF attachments in email-based phishing campaigns to impersonate trusted brands like Microsoft and DocuSign, as well as others such as NortonLifeLock, PayPal, and Geek Squad. The primary technique being used is known as callback phishing or Telephone-Oriented Attack Delivery (TOAD), where victims are persuaded to call phone numbers controlled by the attackers.
Chinese-linked Houken targets France in Ivanti zero-day exploit campaign.

A Chinese-linked hacking group, dubbed “Houken,” has been identified as the orchestrator of a sophisticated cyberattack campaign targeting French organizations by exploiting multiple zero-day vulnerabilities in Ivanti Cloud Service Appliance (CSA) devices. The campaign was first detected by France’s national cybersecurity agency, ANSSI, in September 2024, though evidence suggests it may have started as early as 2023.
Critical vulnerability found in Cl0p’s custom data exfiltration tool that could allow remote code execution against the criminal cybergang.

A critical vulnerability has been discovered in the Cl0p cybercrime gang’s custom data exfiltration tool, which exposes the group itself to potential remote code execution (RCE) attacks. This flaw, rated with a severity score of 8.9, was found by Italian researcher Lorenzo N and detailed by the Computer Incident Response Center Luxembourg (CIRCL).
Multiple critical vulnerabilities found in Forminator WordPress plugin could impact up to 600,000 websites.

A series of critical vulnerabilities have been discovered in the popular Forminator WordPress plugin, which is used by hundreds of thousands of websites to create contact forms, payment forms, and other interactive elements. These vulnerabilities have put over 400,000 to 600,000 WordPress websites at risk of remote takeover and other severe attacks.
Researchers have discovered dozens of fake wallet Firefox add-ons are stealing sensitive credentials.

Dozens of fake wallet add-ons have recently flooded the official Firefox add-ons store, targeting cryptocurrency users by impersonating popular wallet brands and stealing sensitive credentials. Over 40 malicious extensions were discovered, posing as legitimate wallets from well-known providers such as Coinbase, MetaMask, Trust Wallet, Phantom, Exodus, OKX, Keplr, and MyMonero.
Scattered Spider redux. Qantas Airways confirms significant cyberattack against third-party customer service platform.

Qantas Airways has confirmed a significant cyberattack affecting a third-party customer service platform used by one of its contact centers, resulting in the exposure of personal data for up to six million customers. The compromised data includes names, email addresses, phone numbers, dates of birth, and frequent flyer numbers. Importantly, no credit card, financial, or passport information was stored on the affected system, and frequent flyer account credentials (passwords, PINs, logins) were not accessed.
Iranian hackers claim to possess about 100 gigabytes of emails from Trump’s circle.

Pro-Iran hackers have recently threatened to release a large trove of emails allegedly stolen from individuals closely associated with former President Donald Trump. U.S. federal officials have characterized this as a “calculated smear campaign” and dismissed the threat as “digital propaganda” designed to undermine Trump and other government officials. However, previously leaked documents by the group were authenticated and included communications about campaign strategy and legal matters involving Stormy Daniels.
Kelly Benefits says data breach impacts 550,000 people.

A major data breach at Kelly & Associates Insurance Group (dba Kelly Benefits) has impacted over 550,000 individuals after hackers accessed and stole sensitive files from the company’s IT systems in December 2024. The breach, which initially appeared to affect around 32,000 people, was later found to compromise the data of 553,660 individuals as the investigation progressed and more affected parties were identified.
Verizon and T-Mobile deny breached database of more than 100 million customers for sale on Dark Web belongs to them.

Verizon and T-Mobile are both denying recent data breaches after a cybercriminal claimed to be selling the personal records of over 100 million users from the two companies online. The seller, known as G_mic on a cybercrime forum, is offering what they say are 61 million Verizon customer records and 55 million T-Mobile customer records for sale, with the data marked as being from 2025.
Cybercriminals are using Vercel’s v0 AI tool to generate remarkably convincing fake login pages at scale.

Cybercriminals have recently weaponized Vercel’s v0 AI tool to rapidly generate convincing fake login pages at scale, marking a significant evolution in phishing tactics. Vercel’s v0 is a generative AI platform designed to help developers create landing pages and full-stack applications using simple natural language prompts. However, threat actors have exploited this capability to create realistic phishing sites that closely mimic legitimate login pages for brands such as Okta, Microsoft 365, and cryptocurrency services.